[Mailman-Users] what is a virtual domain?
Stephen J. Turnbull
stephen at xemacs.org
Mon Nov 19 16:53:52 CET 2012
Lindsay Haisley writes:
> It's not unusual at all. From the point of view of DNS, there's no
> difference between a virtual domain and a real one.
Actually, that's not true. In the context of Mailman, the most
important one is that an MX record must point to a real domain (ie,
one with an A record) and you probably even want that A record to be
invertible (ie, the PTR for that IP address points back to the same
domain). A virtual domain also is not 100% reliable for SSL/TLS
services because basic TLS does its certificate exchange at a level
"below" the DNS, so deciding which virtual domain's certificate to
present is problematic (there is an extension to the protocol which
fixes this, but it's not 100% implemented, in particular IE on XP
still can't do it according to Wikipedia, which will kill you in Japan
where about 1/3 of business systems are still XP-based).
This isn't particularly relevant to people who are just plain users of
the system, and I imagine to you it's all second-nature now, but the
OP sounds like he's a bit into do-it-yourself so he should be aware of
the limitations on doing tricky stuff based on a virtual domain.
More information about the Mailman-Users